Documentation index

Privacy & cookie policy generator ›

Privacy policy for apps that include account registration

Since the release of iOS 8, Apple has implenented many more reasons to reject your app application. In this post, we’ll go over the reason termed “user registration”.

Article 17.5 of Apple’s App Store Review Guidelines provides grounds for rejection that have existed for some time. The article reads as follows:

17.5 Apps that include account registration or access a user’s existing account must include a privacy policy or they will be rejected

iubenda makes solving this issue easy. Adding an account registration clause to your privacy policy simply involces selecting “direct registration” from the add services list.


As a second and last step, you’ll be asked to customize this service and imput the type of data that your application collects.


After completing the “add services” step you must retrieve the link to your privacy policy (or one of the other embedding options for that matter).

About third party account systems

If you have a login system in place that uses Facebook or Twitter you can dislcose so with our built in extensions as well.

Direct registration plus Facebook

  • + Facebook: If your users are able to log in with their Facebook account you must disclose that with the “Access to the Facebook account” service;
  • + You’ll also want to disclose that you make them log in via the “Facebook Authentication” service.

Other third parties

If you use Twitter or other auth (=OAuth) services for user management, then add the respective service while keeping the “Direct registration” in place.

Generate your privacy policy with iubenda

Still have questions?

Visit our support forum Email us